The TERENA Academic CA Repository. eIRG Meeting. Dublin, 16/04/2004 Diego R. Lopez – TF-AACE  Task Force on Authentication and.

Slides:

Advertisements

Similar presentations

Usage of PGP in TACAR 19th OGF Meeting Chapel Hill, USA February 1, 2007 Licia Florio Project Development Officer

Advertisements

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia. 1 RIPE NCC Certification Task Force Update Presented by Nigel Titley RIPE NCC.

Practical Digital Signature Issues. Paving the way and new opportunities. Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.

TERENA: European Collaboration in Research and Education Networking Belarus-Poland NREN Cross Border Link Inauguration Event Minsk, Belarus,

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public University of the Future 1 TF-Mobility future Klaas Wierenga

Media Management and Distribution Workshop Next Step… Media Management and Distribution Workshop Zurich, Switzerland January, 2009 Peter Szegedi.

TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.

TAC - Poznan, 6 June 2005 Building trust with a European style Diego R. Lopez RedIRIS.

2006 © SWITCH Authentication and Authorization Infrastructures in e-Science (and the role of NRENs) Christoph Witzig SWITCH e-IRG, Helsinki, Oct 4, 2006.

EuroCAMP Ljubljana, 3-5 March 2006 TERENA Server Certificate Service Towards the large-scale use of affordable popup-free server certificates for the European.

INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.

TF-EMC2 February 2006, Zagreb Deploying Authorization Mechanisms for Federated Services in the EDUROAM Architecture (DAME) -Technical Project Proposal-

NRENs supporting Grids using current Grid technology TERENA NREN-GRID Workshop Amsterdam Milan Sova CESNET.

Authentication Policy David Kelsey CCLRC/RAL 15 April 2004, Dublin

23 June Strategy Proposal Heinz Stockinger on behalf of the Executive Board SwiNG Assembly Meeting Berne, 23 June 2008.

EInfrastructure policies April 2004, Dublin Next steps and conclusions Brian Coghlan Patrick Aerts Kyriakos Baxevanidis.

The EU Grid PMA David Kelsey CCLRC/RAL 16 April 2004, Dublin

Updated e-IRG recommendations Motivation and status.

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE-III Program of Work Erwin Laure EGEE-II / EGEE-III Transition Meeting CERN,

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.

EGI: SA1 Operations John Gordon EGEE09 Barcelona September 2009.

Towards the definition of an eIRGRoma, 10 December An e-Infrastructure in Europe: a strategy and policy driven approach for a policy eIRG A pink.

2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.

Helsinki Institute of Physics (HIP) Liberty Alliance Overview of the Liberty Alliance Architecture Helsinki Institute of Physics (HIP), May 9 th.

White paper overview 1 st eIRG meeting June, 10 th 2003 Fotis Karayannis GRNET - Greek Research & Technology Network

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Interoperability Shibboleth - gLite Christoph.

High-quality Internet for higher education and research AAI from the NREN perspective Schiphol, October 17, 2005

TERENA TF-EMC2 Workshop David Groep,

Connect. Communicate. Collaborate Federation Interoperability Made Possible By Design: eduGAIN Diego R. Lopez (RedIRIS)

AAI WG EMI Christoph Witzig on behalf of EMI AAI WG.

White paper overview 2 nd eIRG meeting April, 16 th 2004 Fotis Karayannis, Editor GRNET - Greek Research & Technology Network

EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.

ESnet RAF and eduroam ™ Tony J. Genovese ATF Team ESnet/Lawrence Berkeley National Laboratory.

INFSO-RI Enabling Grids for E-sciencE External Projects Integration Summary – Trigger for Open Discussion Fotis Karayannis, Joanne.

TERENA update Karel Vietsch TERENA CEO Internet2 Fall Meeting, Atlanta 30 October 2000.

Connect. Communicate. Collaborate AAI scenario: How AutoBAHN system will use the eduGAIN federation for Authentication and Authorization Simon Muyal,

Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.

Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.

PAPI: Simple and Ubiquitous Access to Internet Information Services JISC/CNI Conference - Edinburgh, 27 June 2002.

Diego R. Lopez, RedIRIS JRES2005, Marseille On eduGAIN and the Coming GÉANT Middleware Infrastructure.

JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.

INFSO-RI Enabling Grids for E-sciencE Policy and International cooperation Fotis Karayannis, NA5 activity leader All Activity Meeting.

Security Policy: From EGEE to EGI David Kelsey (STFC-RAL) 21 Sep 2009 EGEE’09, Barcelona david.kelsey at stfc.ac.uk.

Security Policy Update WLCG GDB CERN, 14 May 2008 David Kelsey STFC/RAL

Community PKIs Initiatives Updates TF-EMC2 Meeting Loughborough, UK 6-7 May, 2009 Licia Florio, TERENA

EGI-InSPIRE RI EGI EGI-InSPIRE RI Establishing Identity in EGI the authentication trust fabric of the IGTF and EUGridPMA.

Programme ›TERENA ›Overview of the middleware initiatives in the European Higher Education ›What is eduroam: the technology and how to set up eduroam ›eduroam-in-a-box:

17 March 2008Standards for Interoperable Grids 1 Introduction Standards for Interoperable Grids: Experience from NextGRID and OMII-Europe Clive Davenhall.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.

18-May-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the LCG Security Group) Barcelona 18 May 2004 David Kelsey CCLRC/RAL, UK

EGEE is a project funded by the European Union under contract IST eInfrastructures White Paper Fotis Karayannis EGEE SEE Fed. Representative.

EGEE is a project funded by the European Union under contract IST eInfrastructures Fotis Karayannis EGEE SEE Fed. Representative in PMB, GRNET.

European collaboration on research networking development update on TERENA activities Karel Vietsch TERENA CEO Spring 2002 Internet2 Member Meeting Arlington.

TACAR Updates version David Groep, NIKHEF. 9 th EUGridPMA ‘RAL’ meeting – Jan David Groep – TACAR Aims  Trusted and.

Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Research Infrastructures – Grant Agreement n

European Grid Initiative AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

Gilda certificates. Certification Authority

AAI Interconnection with an European style Diego R. Lopez RedIRIS.

Connect. Communicate. Collaborate Applying eduGAIN to network operations The perfSONAR case Diego R. Lopez (RedIRIS) Maurizio Molina (DANTE)

Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Grant.

The Fine Art of Politics in TERENA Middleware Task Forces.

Bob Jones EGEE Technical Director

Applying eduGAIN to network operations The perfSONAR case

Cross-sector and user-centric AAI

HellasGrid CA & euGridPMA

Trinity College Dublin Progress this eIRG Semester

Session 1.6a: PRESENTATION

GN2 JRA5 Roaming and Authorisation Jürgen Rauschenbach, DFN-Verein

Presentation transcript:

The TERENA Academic CA Repository

eIRG Meeting. Dublin, 16/04/2004 Diego R. Lopez – TF-AACE  Task Force on Authentication and Authorisation Coordination for Europe  A middleware coordination activity among European NRENs promoted by TERENA  To provide a forum for exchanging experiencie and knowledge in the areas of AA technologies  To encourage the deployment of interoperable (inter- institutional) AA infrastructures and services in the TERENA community  To coordinate the TERENA community contribution to standardization processes in these areas  Development and deployment of interoperable AAIs

eIRG Meeting. Dublin, 16/04/2004 Diego R. Lopez – TF-AACE Achievements  A survey of the different approaches to AAIs  Agreements on protocols and interoperability requirements  An interoperability assessing system is under development  Initial input to the JRA5 of the GN2 proposal  A survey of the current authentication practices within the European NRENs  Used as input for the current version of the white paper  Liaisons with other groups of interest  Mobility  Videoconferencing and streaming  Grids  The TACAR

eIRG Meeting. Dublin, 16/04/2004 Diego R. Lopez – The Case for the Repository  A common academic root had shown unfeasible  Policies have incompatible purposes and even basic principles  Several applications impose limitations in the certificate verification procedues  Extending the infrastructures usually means cumbersome resigning processes  A common bridge was perceived as too complicated  High costs (even in the "simpler" case of the US Federal BCA)  Few bridge-aware software elements

eIRG Meeting. Dublin, 16/04/2004 Diego R. Lopez – The Goals for the TACAR  Provide a means for building a PKI-based web of trust among the European academic community (and beyond!)  Without the technical and administrative overhead of a root or bridge CA  Based on two basic principles  Keep it simple  Let it happen  Conceived as a collection of certificates  More formalization was rapidly requested and incorporated

eIRG Meeting. Dublin, 16/04/2004 Diego R. Lopez – What the TACAR Currently Provides  A trusted source for  Root certificates/policies for EUGridPMA  Root certificates/policies for other constituencies  The repository is built and updated by means of out-of-band methods  Face-to-face meetings  Required for the initial incorporation  PGP-enabled mail  (Optional) bundles of available certificates  Although problems have been detected with certain combinations of formats and browsers

eIRG Meeting. Dublin, 16/04/2004 Diego R. Lopez – What the TACAR Can Provide in the Future  A single authoritative source for certificates and policies  Complementary of the EUGridPMA services  Simplification of maintenance procedures  A means for extending trust links  Beyond the borders of the Grid community  Beyond the borders of the EU  An anchor for deploying new AA mechanisms  TACAR could act as a trust clearinghouse for (con)federated approaches  A model to experiment with  Lighter than a common root, simpler than a bridge

eIRG Meeting. Dublin, 16/04/2004 Diego R. Lopez – Endorsment of the TACAR The TERENA Academic Certificate Authority Repository (TACAR) is the common repository for storing and validating the CA root certificates for the EUGridPMA constituent Certificate Authorities. An endorsement by the eIRG of the TACAR will be a concrete first step towards common EU polices for authentication for resource access and sharing for e-science.